[英]Prevent GPG key sharing in VSCode Remote Container
The following paragraph in the official docs describes how to enable GPG key sharing (from localhost to Remote Container) in VSCode ( https://code.visualstudio.com/docs/remote/containers#_sharing-gpg-keys ).官方文档中的以下段落描述了如何在 VSCode ( https://code.visualstudio.com/docs/remote/containers#_sharing-gpg-keys ) 中启用 GPG 密钥共享(从本地主机到远程容器)。
The instructions (for Linux) simply state that to share GPG keys, install gnupg2
locally and in the container.说明(适用于 Linux)只需 state 即可共享 GPG 密钥,在本地和容器中安装gnupg2
。 But what if I have gnupg2
installed but I don't want to have the keys shared?但是,如果我安装了gnupg2
但我不想共享密钥怎么办? From what I can tell, VSCode execs post-startup commands within the container where the key sharing gets done, eg:据我所知,VSCode 在完成密钥共享的容器中执行启动后命令,例如:
Copy /home/karlschriek/.gnupg/pubring.kbx to /home/vscode/.gnupg/pubring.kbx
Copy /home/karlschriek/.gnupg/trustdb.gpg to /home/vscode/.gnupg/trustdb.gpg
...
I have not been able to find a setting that will prevent this.我一直无法找到可以防止这种情况的设置。 It is also, presumably, using the same gpg-agent
as the localhost.据推测,它也使用与本地主机相同的gpg-agent
。 I would like to prevent this.我想阻止这种情况。
Since this behavior does not seem configurable, I would由于这种行为似乎不可配置,我会
GNUPGHOME
environment variable将这些文件移动到自定义文件夹中(在 ~/.gnupg 之外,并使用GNUPGHOME
环境变量引用它export GNUPGHOME=""
编写一个远程 VSCode 启动脚本,它将在本地export GNUPGHOME=""
后启动 VSCodeThat way, VSCode would search for gnupg files to share in the default ~/.gnupg folder, which is not used in your case.这样,VSCode 将搜索 gnupg 文件以在默认的 ~/.gnupg 文件夹中共享,您的情况未使用该文件夹。
It is a simple workaround, not an exact solution, but one simple enough to test.这是一个简单的解决方法,不是精确的解决方案,但足够简单以供测试。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.